On Tue, 26 Nov 2024 at 22:32, Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx> wrote: [...] > should we just drop this warning altogether? After all, we can call I'm in favour. > crash_kexec() without any warnings, if we have the right capabilities. > bpf_probe_write_user() is much less destructive and at worst will > cause memory corruption within a single process (assuming > CAP_SYS_ADMIN, of course). If yes, I think we should drop > bpf_get_probe_write_proto() function altogether and refactor > bpf_tracing_func_proto() to have > bpf_token_capable(CAP_SYS_ADMIN)-guarded section, just like > bpf_base_func_proto() has. Let me do that too. But as a separate patch 2/2 as it simplifies backporting the removal of the warning to older kernels.
